Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-24882

Опубликовано: 26 апр. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 9.1

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
esm-apps/bionic

needs-triage

esm-infra/xenial

needs-triage

upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

released

2.2.0+dfsg1-0ubuntu0.18.04.3
devel

not-affected

2.7.0+dfsg1-1
esm-apps/noble

not-affected

2.7.0+dfsg1-1
esm-infra/bionic

not-affected

2.2.0+dfsg1-0ubuntu0.18.04.3
esm-infra/focal

not-affected

2.2.0+dfsg1-0ubuntu0.20.04.3
focal

released

2.2.0+dfsg1-0ubuntu0.20.04.3
impish

released

2.3.0+dfsg1-2ubuntu0.2
jammy

released

2.6.1+dfsg1-3ubuntu1
kinetic

not-affected

2.7.0+dfsg1-1
lunar

not-affected

2.7.0+dfsg1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 44%
0.00217
Низкий

5 Medium

CVSS2

9.1 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-24882

CVSS3: 7.5
redhat
около 3 лет назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.

nvd логотип

CVE-2022-24882

CVSS3: 9.1
nvd
около 3 лет назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.

debian логотип

CVE-2022-24882

CVSS3: 9.1
debian
около 3 лет назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). ...

fstec логотип

BDU:2022-04713

CVSS3: 9.1
fstec
около 3 лет назад

Уязвимость реализации протокола NTLM RDP-клиента FreeRDP, позволяющая нарушителю раскрыть защищаемую информацию

suse-cvrf логотип

SUSE-SU-2022:2354-1

suse-cvrf
почти 3 года назад

Security update for freerdp

EPSS

Процентиль: 44%
0.00217
Низкий

5 Medium

CVSS2

9.1 Critical

CVSS3

Уязвимость CVE-2022-24882